On July 23 and 25, 2018, the U.S. Department of Homeland Security (DHS) held public briefings about an attempt by a state-sponsored Russian hacking group to target control systems for U.S. electrical grids and power plants. DHS’ webinar explained that the hackers obtained access to vendors providing computer services to electric utilities companies. This initial access enabled the hackers to gain entry to power company control systems through a complex series of security compromises lasting quite some time.

The Federal Bureau of Investigation (“FBI”) issued Public Service Announcement (“PSA”) I-082715a, updating a previous PSA describing the “Business E-mail Compromise.” The FBI defines the Business E-mail Compromise as “a sophisticated scam targeting businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The scam is carried out by compromising legitimate business e-mail accounts through social engineering or computer intrusion techniques to conduct unauthorized transfers of funds.” The attack often leads to business wire transferring substantial funds (amounts in the hundreds of thousands or millions of dollars) directly to bogus bank accounts set up by the thieves. The majority of these attacks send funds to banks in the Far East.

On April 1, 2015, President Obama issued Executive Order 13694, creating a new sanctions program that targets the growing and evolving threat posed by cyber-attacks.  The Order authorizes sanctions against those who seek to use cyber-attacks to harm critical infrastructure, target network availability, and steal sensitive information, such as trade secrets and personal financial information.

The Order requires the freezing of assets of designated cyber-attackers in the United States or in the control or possession of US persons.  It also prohibits US individuals and organizations from engaging in any transactions with those on the sanctions list or any entities they own.